﻿using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.Graph;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Net;
using System.Reflection.Metadata;
using System.Security.Claims;
using System.Text;
using System.Text.Json;
using Video.Application.Contract.UserInfos;
using Video.Application.Contract.UserInfos.Dtos;
using Video.Application.UserInfos;
using Video.Domain.Shared;
using Video.Domain.Users;
using Video.HttpApi.Host.OPtions;

namespace Video.HttpApi.Host.Controllers
{
    [ApiController]
    [Route("api/[controller]")]
    
    public class AuthController : ControllerBase
    {
        private readonly IUserInfoService _userInfoService;
        private readonly JWTOptions jwtOptions;
        public AuthController(IUserInfoService userInfoService, IOptions<JWTOptions> options)
        {
            _userInfoService = userInfoService;
            jwtOptions = options.Value;
        }

        /// <summary>
        /// 登录
        /// </summary>
        /// <param name="input"></param>
        /// <returns></returns>
        [HttpPost]
        public async Task<string> PostAsync(LoginInput input)
        {
            var userInfo = await _userInfoService.LoginAsync(input);
            if(!userInfo.Enable)
            {
                throw new BusinessException("账号被禁用，请联系管理员");
            }
            // 设置角色
            var roles = userInfo.Role.Select(x => new Claim(ClaimsIdentity.DefaultRoleClaimType, x.Code!)).ToList();
            // 设置用户信息
            roles.Add(new Claim(ClaimsIdentity.DefaultIssuer, JsonSerializer.Serialize(userInfo)));
            roles.Add(new Claim(Domain.Shared.Constant.Id,userInfo.Id.ToString()));
            
            

            var keyBytes = Encoding.UTF8.GetBytes(jwtOptions.SecretKey!);
            var cred = new SigningCredentials(new SymmetricSecurityKey(keyBytes),
                SecurityAlgorithms.HmacSha256);

            var jwtSecurityToken = new JwtSecurityToken(
                jwtOptions.Issure, // 签发者
                jwtOptions.Audience, // 接收者
                roles, // payload
                expires: DateTime.Now.AddMinutes(jwtOptions.ExpireMinutes), // 过期时间
                signingCredentials: cred); // 令牌

            return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
        }
        [HttpPost("Regist")]
        public async Task<string> RegistAsync(RegisterInput registerInput)
        {
            var userInfo= await _userInfoService.RegisterAsync(registerInput);
            
            // 设置角色
            var roles = userInfo.Role.Select(x => new Claim(ClaimsIdentity.DefaultRoleClaimType, x.Code!)).ToList();
            // 设置用户信息
            roles.Add(new Claim(ClaimsIdentity.DefaultIssuer, JsonSerializer.Serialize(userInfo)));
            roles.Add(new Claim(Domain.Shared.Constant.Id, userInfo.Id.ToString()));



            var keyBytes = Encoding.UTF8.GetBytes(jwtOptions.SecretKey!);
            var cred = new SigningCredentials(new SymmetricSecurityKey(keyBytes),
                SecurityAlgorithms.HmacSha256);

            var jwtSecurityToken = new JwtSecurityToken(
                jwtOptions.Issure, // 签发者
                jwtOptions.Audience, // 接收者
                roles, // payload
                expires: DateTime.Now.AddMinutes(jwtOptions.ExpireMinutes), // 过期时间
                signingCredentials: cred); // 令牌

            return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
        }
    }
}
